<?php
     require("./00_init.php");
    $uname=$_REQUEST['uname'];
    $upwd=$_REQUEST['upwd'];
    //通过正则表达式再次验证
    $unamePattern='/[a-zA-Z0-9]{3,12}/';
    $upwdPattern='/[a-zA-Z0-9]{3,12}/';
    if(!preg_match($unamePattern,$uname)){
        echo '{"code":-2,"msg":"用户名格式不正确"}';
        exit;//停止PHP运行
    }
  if(!preg_match($upwdPattern,$upwd)){
        echo '{"code":-2,"msg":"密码格式不正确"}';
        exit;//停止PHP运行
    }
    $sql="SELECT * FROM xz_user WHERE uname='$uname' AND upwd=md5('$upwd')";
    $request=mysqli_query($conn,$sql);
    $row=mysqli_fetch_assoc($request);
    if($row==null){
        echo '{"code":-1,"msg":"用户名密码不正确"}';
    }else{
       echo '{"code":1,"msg":"登陆成功"}';
    }
?>